Author
27 May 2005 11:58 AM
Miha
Hello

In our organization we installed an RRAS VPN server (on Windows 2003).
We want to use L2TP/IPsec, so I enabled the option 'allow custom IPsec policy
for L2TP connection' and entered a pre-shared key.

Is it possible to use an L2TP/IPsec connection without a pre-shared key, based
only on certificates?
Can anyone please explain to me what the procedure is to configure the RRAS server
to accept connections only from clients that have certificates (we have a CA
already installed in our local domain)?
Any guides or answers will be welcome.

Best regards
Miha

Author
27 May 2005 1:40 PM
Henrik
As this is a common problem that firewall admins also have, I believe the
topic has been discussed in regard to ISA Server on www.isaserver.org.
Haven't read more than the title of this article, but it seems relevant at
least:

Configuring Windows Server 2003-based ISA Server Firewall/VPN Server to
accept inbound nat-t L2TP/IPSec calls
   http://www.isaserver.org/tutorials/natt2003.html

// Henrik



Author
27 May 2005 1:52 PM
Miha
Thanks, but this is all related to ISA Server.
We want to establish an L2TP/IPsec VPN with certificates on a Win2003 Server
behind a Linux firewall.
I configured the FW to pass through L2TP/IPsec traffic; now we need to
implement certificates for clients who want to connect to the RRAS
VPN, so that RRAS will only accept connections from clients that have
certificates installed.
Any ideas how?

Regards
Miha

Author
27 May 2005 2:07 PM
Henrik
Sorry, can't help you there.

Since we sometimes work out in the field, and then often don't have our
computers, but use the customers' computers, we can't use L2TP, as we
can't install certificates on their computers so that we can VPN into our
offices if we need to. So we only use PPTP.

// Henrik

Author
28 May 2005 2:17 PM
Miha
Thanks.
Regards
Miha
